summaryrefslogtreecommitdiffstats
path: root/dbus/dbus-auth.c
diff options
context:
space:
mode:
authorKristian Høgsberg <krh@redhat.com>2004-05-17 23:34:55 +0000
committerKristian Høgsberg <krh@redhat.com>2004-05-17 23:34:55 +0000
commitc614e5b4b12c771422da809014904fccccd442c8 (patch)
tree32dd677a603a747f91110f666a1436a8950cdf0c /dbus/dbus-auth.c
parent6527ee5134d8fef66549cdbb634a79b27aae90fc (diff)
* dbus/dbus-auth.c (client_try_next_mechanism): Remove logic to
filter against auth->allowed_mechs; we only add allowed mechs in record_mechanisms(). * dbus/dbus-auth-script.c (_dbus_auth_script_run): Add an ALLOWED_MECHS to auth-script format so we can set the list of allowed mechanisms. * data/auth/client-out-of-mechanisms.auth-script: New test to check client disconnects when it is out of mechanisms to try. * dbus/dbus-auth.c (process_command): Remove check for lines longer that 1 MB; we only buffer up maximum 16 kB. * dbus/dbus-transport.c, dbus/dbus-transport-unix.c, dbus/dbus-auth-script.c, dbus/dbus-auth.c, dbus/dbus-auth.h: Remove auth state AUTHENTICATED_WITH_UNUSED_BYTES, instead always assume there might be unused bytes. * dbus/dbus-auth.c (_dbus_auth_do_work): Remove check for client-out-of-mechs, it is handled in process_reject(). Move check for max failures to send_rejected(), as it's a server-only thing.
Diffstat (limited to 'dbus/dbus-auth.c')
-rw-r--r--dbus/dbus-auth.c63
1 files changed, 10 insertions, 53 deletions
diff --git a/dbus/dbus-auth.c b/dbus/dbus-auth.c
index 7e6d3d86..57616673 100644
--- a/dbus/dbus-auth.c
+++ b/dbus/dbus-auth.c
@@ -1274,6 +1274,9 @@ send_rejected (DBusAuth *auth)
server_auth = DBUS_AUTH_SERVER (auth);
server_auth->failures += 1;
+ if (server_auth->failures >= server_auth->max_failures)
+ auth->need_disconnect = TRUE;
+
_dbus_string_free (&command);
return TRUE;
@@ -1605,34 +1608,15 @@ client_try_next_mechanism (DBusAuth *auth)
DBusAuthClient *client;
client = DBUS_AUTH_CLIENT (auth);
-
- /* Pop any mechs not in the list of allowed mechanisms */
- mech = NULL;
- while (client->mechs_to_try != NULL)
- {
- mech = client->mechs_to_try->data;
- if (auth->allowed_mechs != NULL &&
- !_dbus_string_array_contains ((const char**) auth->allowed_mechs,
- mech->mechanism))
- {
- /* don't try this one after all */
- _dbus_verbose ("%s: Mechanism %s isn't in the list of allowed mechanisms\n",
- DBUS_AUTH_NAME (auth), mech->mechanism);
- mech = NULL;
- _dbus_list_pop_first (& client->mechs_to_try);
- }
- else
- break; /* we'll try this one */
- }
-
- if (mech == NULL)
- return FALSE;
+ _dbus_assert (client->mechs_to_try != NULL);
+
+ mech = client->mechs_to_try->data;
if (!send_auth (auth, mech))
return FALSE;
- _dbus_list_pop_first (& DBUS_AUTH_CLIENT (auth)->mechs_to_try);
+ _dbus_list_pop_first (&client->mechs_to_try);
_dbus_verbose ("%s: Trying mechanism %s\n",
DBUS_AUTH_NAME (auth),
@@ -1662,6 +1646,8 @@ process_rejected (DBusAuth *auth,
else
{
/* Give up */
+ _dbus_verbose ("%s: Disconnecting because we are out of mechanisms to try using\n",
+ DBUS_AUTH_NAME (auth));
auth->need_disconnect = TRUE;
}
@@ -1793,15 +1779,6 @@ process_command (DBusAuth *auth)
return FALSE;
}
- if (eol > _DBUS_ONE_MEGABYTE)
- {
- /* This is a giant line, someone is trying to hose us. */
- if (!send_error (auth, "Command too long"))
- goto out;
- else
- goto next_command;
- }
-
if (!_dbus_string_copy_len (&auth->incoming, 0, eol, &command, 0))
goto out;
@@ -2061,33 +2038,13 @@ _dbus_auth_do_work (DBusAuth *auth)
DBUS_AUTH_NAME (auth));
break;
}
-
- if (auth->mech == NULL &&
- auth->already_got_mechanisms &&
- DBUS_AUTH_CLIENT (auth)->mechs_to_try == NULL)
- {
- auth->need_disconnect = TRUE;
- _dbus_verbose ("%s: Disconnecting because we are out of mechanisms to try using\n",
- DBUS_AUTH_NAME (auth));
- break;
- }
}
while (process_command (auth));
- if (DBUS_AUTH_IS_SERVER (auth) &&
- DBUS_AUTH_SERVER (auth)->failures >=
- DBUS_AUTH_SERVER (auth)->max_failures)
- auth->need_disconnect = TRUE;
-
if (auth->need_disconnect)
return DBUS_AUTH_STATE_NEED_DISCONNECT;
else if (auth->authenticated)
- {
- if (_dbus_string_get_length (&auth->incoming) > 0)
- return DBUS_AUTH_STATE_AUTHENTICATED_WITH_UNUSED_BYTES;
- else
- return DBUS_AUTH_STATE_AUTHENTICATED;
- }
+ return DBUS_AUTH_STATE_AUTHENTICATED;
else if (auth->needed_memory)
return DBUS_AUTH_STATE_WAITING_FOR_MEMORY;
else if (_dbus_string_get_length (&auth->outgoing) > 0)